Juice Shop scann report
| Risk Level | Number of Alerts |
|---|---|
|
High
|
0
|
|
Medium
|
4
|
|
Low
|
4
|
| Name | Risk Level | Number of Instances |
|---|---|---|
| Content Security Policy (CSP) Header Not Set | Medium | 46 |
| Cross-Domain Misconfiguration | Medium | 41 |
| Missing Anti-clickjacking Header | Medium | 39 |
| Session ID in URL Rewrite | Medium | 156 |
| Cross-Domain JavaScript Source File Inclusion | Low | 18 |
| Private IP Disclosure | Low | 1 |
| Timestamp Disclosure - Unix | Low | 5 |
| X-Content-Type-Options Header Missing | Low | 156 |
| HTTP Response Code | Number of Responses |
|---|
| Parameter Name | Type | Flags | Times Used | # Values |
|---|
| HTTP Response Code | Number of Responses |
|---|---|
| 304 Not Modified |
919
|
| 200 OK |
529
|
| 101 Switching Protocols |
39
|
| Parameter Name | Type | Flags | Times Used | # Values |
|---|---|---|---|---|
|
cookieconsent_status
|
Cookie
|
708
|
1
|
|
|
language
|
Cookie
|
1277
|
1
|
|
|
welcomebanner_status
|
Cookie
|
629
|
1
|
|
|
EIO
|
URL
|
196
|
1
|
|
|
name
|
URL
|
78
|
1
|
|
|
q
|
URL
|
39
|
1
|
|
|
sid
|
URL
|
157
|
39
|
|
|
t
|
URL
|
157
|
157
|
|
|
transport
|
URL
|
196
|
2
|
|
|
Accept-Ranges
|
Header
|
811
|
1
|
|
|
Access-Control-Allow-Origin
|
Header
|
1291
|
1
|
|
|
Cache-Control
|
Header
|
811
|
1
|
|
|
Connection
|
Header
|
1487
|
2
|
|
|
Content-Length
|
Header
|
529
|
38
|
|
|
Content-Type
|
Header
|
529
|
12
|
|
|
Date
|
Header
|
1448
|
72
|
|
|
ETag
|
Header
|
1291
|
34
|
|
|
Feature-Policy
|
Header
|
1291
|
1
|
|
|
Keep-Alive
|
Header
|
1448
|
1
|
|
|
Last-Modified
|
Header
|
811
|
3
|
|
|
Sec-WebSocket-Accept
|
Header
|
39
|
39
|
|
|
Upgrade
|
Header
|
39
|
1
|
|
|
Vary
|
Header
|
254
|
1
|
|
|
X-Content-Type-Options
|
Header
|
1291
|
1
|
|
|
X-Frame-Options
|
Header
|
1291
|
1
|
|
|
X-Recruiting
|
Header
|
1291
|
1
|
| HTTP Response Code | Number of Responses |
|---|---|
| 200 OK |
3
|
| Parameter Name | Type | Flags | Times Used | # Values |
|---|---|---|---|---|
|
Accept-Ranges
|
Header
|
3
|
1
|
|
|
Access-Control-Allow-Origin
|
Header
|
3
|
1
|
|
|
Cache-Control
|
Header
|
3
|
1
|
|
|
Connection
|
Header
|
3
|
1
|
|
|
Content-Length
|
Header
|
3
|
1
|
|
|
Content-Type
|
Header
|
3
|
1
|
|
|
Date
|
Header
|
3
|
1
|
|
|
ETag
|
Header
|
3
|
1
|
|
|
Feature-Policy
|
Header
|
3
|
1
|
|
|
Keep-Alive
|
Header
|
3
|
1
|
|
|
Last-Modified
|
Header
|
3
|
1
|
|
|
Vary
|
Header
|
3
|
1
|
|
|
X-Content-Type-Options
|
Header
|
3
|
1
|
|
|
X-Frame-Options
|
Header
|
3
|
1
|
|
|
X-Recruiting
|
Header
|
3
|
1
|
|
Medium |
Content Security Policy (CSP) Header Not Set |
|---|---|
| Description |
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
|
| URL | http://npm:3000/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 315 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/assets/public/favicon_js.ico |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 139 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/main.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 118 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/polyfills.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 123 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/runtime.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 121 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/styles.css |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 121 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/vendor.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 120 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIHLd&sid=I7I4X5inxe7hoy0kAAAA |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLII2k&sid=nygHk0OIjKBqRkkZAAAC |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIJAQ&sid=25bXLdRCcIYJnsayAAAE |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIKPe&sid=XObG3WIR01nOTZlNAAAG |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLILdS&sid=YH9d9WrzS9k-OXRrAAAI |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIM_V&sid=mu1Ixd0uyrisu0F8AAAM |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIMMe&sid=vZXYvnsUBmJ32RYeAAAK |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLINCO&sid=6sSX-WBF5ipcfqX7AAAO |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLINxv&sid=3P2-87dEtAAKTgl2AAAQ |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIOKm&sid=Pe367Ih1ehCdZNx9AAAS |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIOtw&sid=7nJlPUHurreffFJYAAAU |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIPo-&sid=fg-tlkGMOOwtjk1hAAAX |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIPV2&sid=8JqjaiacqQeI5cUeAAAW |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIQVU&sid=mdYZyLMJditeTU1xAAAa |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIRH5&sid=8s91GlJRcInIItVOAAAc |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIRxB&sid=FGxLCnu9JLD8JpzsAAAf |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIS5S&sid=4-mz4tPoxUP3LbSlAAAe |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIS6E&sid=sbJJdvnkJrFrQOlTAAAg |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLITD_&sid=NY6YjgJI6hw-3MfsAAAk |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLITP0&sid=B0yEvuOEGNLvOsBPAAAm |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLITPf&sid=uP_A_SaOKjynTm7XAAAl |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLITYK&sid=B0aBPlGNpmik_IR7AAAn |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIU7F&sid=Z5u0U18ut_kS-RZuAAAs |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIUft&sid=9WW0YI_tB215JVOVAAAw |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIUUd&sid=CljmHVnnTiObKjZCAAAt |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIUxk&sid=agRfiTJThQSzwSYNAAAx |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIVHd&sid=fYVvJcfVVTQptyl0AAAv |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIVoS&sid=r3zKO-90lanwGqkxAAA3 |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIW1p&sid=fWQZbIOx0LFByMaMAAA4 |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIW7S&sid=muZqxqsHZh7AkD4DAAA2 |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIWRi&sid=Y1mSt1McVNHb4R1dAAA7 |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIX0G&sid=ZREl2KWWqRr1bHBQAAA- |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIXJ8&sid=0ytWpBW35-zpJab8AAA_ |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 435 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIXuh&sid=--T-1T_sZTjf1UZSAABB |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIXur&sid=tKcovsbmZV-t34-vAABC |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 384 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIXxC&sid=Z72ahMpmhXyvcbKyAABE |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIXZI&sid=9AZ6WF265Hpa5yn5AABD |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 405 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIYTs&sid=OuWLRRWsU9C5X_WtAABK |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| URL | http://npm:3000/socket.io/?EIO=4&transport=polling&t=OrLIYvf&sid=MM3uJjCGiXH9L7xTAABL |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 465 bytes. | |
| Request Body - size: 2 bytes. | |
| Response Header - size: 147 bytes. | |
| Response Body - size: 2 bytes. | |
| Instances | 46 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
|
| Reference |
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html http://www.w3.org/TR/CSP/ http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html http://www.html5rocks.com/en/tutorials/security/content-security-policy/ http://caniuse.com/#feat=contentsecuritypolicy http://content-security-policy.com/ |
| Tags |
OWASP_2021_A05
OWASP_2017_A06 |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10038 |
|
Medium |
Cross-Domain Misconfiguration |
|---|---|
| Description |
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server
|
| URL | http://NPM:3000 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 216 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 315 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/assets/public/favicon_js.ico |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 139 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://NPM:3000/.git/index |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 116 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/main.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 118 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/polyfills.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 123 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/runtime.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 121 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/styles.css |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 121 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/.git/vendor.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 120 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 466 bytes. | |
| Response Body - size: 1,987 bytes. | |
| URL | http://npm:3000/api/Challenges/?name=Score%20Board |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 294 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 386 bytes. | |
| Response Body - size: 624 bytes. | |
| URL | http://npm:3000/api/Quantitys/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 274 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 388 bytes. | |
| Response Body - size: 5,991 bytes. | |
| URL | http://npm:3000/assets/i18n/en.json |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 279 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 475 bytes. | |
| Response Body - size: 28,267 bytes. | |
| URL | http://npm:3000/assets/public/favicon_js.ico |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Request Header - size: 301 bytes. | |
| Request Body - size: 0 bytes. | |
| Response Header - size: 456 bytes. | |
| Response Body - size: 15,086 bytes. | |